<div dir="ltr"><div>Thank you Brian!<br></div>+1 for solving this, I left my comments in review.<div><br></div></div><div class="gmail_extra"><br><div class="gmail_quote">On Fri, Sep 29, 2017 at 12:00 PM, Luke Hinds <span dir="ltr"><<a href="mailto:lhinds@redhat.com" target="_blank">lhinds@redhat.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div dir="ltr"><br><div class="gmail_extra"><br><div class="gmail_quote"><span class="">On Fri, Sep 29, 2017 at 3:08 AM, Brian Rosmaita <span dir="ltr"><<a href="mailto:rosmaita.fossdev@gmail.com" target="_blank">rosmaita.fossdev@gmail.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">Hello API WG,<br>
<br>
I've got a patch up for a proposal to fix OSSN-0075 by introducing a<br>
new policy.  There are concerns that this will introduce an<br>
interoperability problem in that an API call that works in one<br>
OpenStack cloud may not work in other OpenStack clouds.  As author of<br>
the spec, I think this is an OK trade-off to fix the security issue,<br>
but not all members of the Glance community agree, so we're trying to<br>
get some wider perspective.  We'd appreciate it if some API-WG members<br>
could take a look and leave a comment:<br>
<br>
<a href="https://review.openstack.org/#/c/468179/" rel="noreferrer" target="_blank">https://review.openstack.org/#<wbr>/c/468179/</a><br>
<br>
If you could respond by Tuesday 3 October, that would give us time to<br>
get this worked out before the spec freeze (6 October).<br>
<br>
thanks,<br>
brian<br>
<br></blockquote><div><br></div></span><div>+1 for efforts to take this forward and find a resolution, from a security standpoint it would be good to see this solved.</div><span class="HOEnZb"><font color="#888888"><div><br></div><div>Luke</div></font></span><span class=""><div><br></div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
______________________________<wbr>______________________________<wbr>______________<br>
OpenStack Development Mailing List (not for usage questions)<br>
Unsubscribe: <a href="http://OpenStack-dev-request@lists.openstack.org?subject:unsubscribe" rel="noreferrer" target="_blank">OpenStack-dev-request@lists.op<wbr>enstack.org?subject:unsubscrib</a><br></blockquote></span></div>
</div></div>
<br>______________________________<wbr>______________________________<wbr>______________<br>
OpenStack Development Mailing List (not for usage questions)<br>
Unsubscribe: <a href="http://OpenStack-dev-request@lists.openstack.org?subject:unsubscribe" rel="noreferrer" target="_blank">OpenStack-dev-request@lists.<wbr>openstack.org?subject:<wbr>unsubscribe</a><br>
<a href="http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev" rel="noreferrer" target="_blank">http://lists.openstack.org/<wbr>cgi-bin/mailman/listinfo/<wbr>openstack-dev</a><br>
<br></blockquote></div><br><br clear="all"><div><br></div>-- <br><div class="gmail_signature" data-smartmail="gmail_signature"><div dir="ltr"><div style="color:rgb(136,136,136);font-size:12.8000001907349px">Adam Heczko</div><div style="color:rgb(136,136,136);font-size:12.8000001907349px">Security Engineer @ Mirantis Inc.</div></div></div>
</div>